Recently, Zhu et al. proposed an password-based authenticated key exchange protocol based on RSA such that it is efficient enough to be implemented on most of the target low-power devices such as smart cards and low-power Personal Digital Assistants in wireless networks. They claimed that the proposed scheme is secure against dictionary attacks. In this paper, we show that the scheme proposed by Zhu et al. is insecure against undetectable on-line password guessing attacks. Furthermore, we examine Zhu et al.'s protocol and find that Zhu et al.'s protocol does not achieve explicit key authentication. An improved version is then proposed to defeat the undetectable on-line password guessing attacks and also provide explicit key authentication.

We present a new scheduling policy named Value-based Processor Allocation (VPA-k) for scheduling value-based transactions in a multiprocessor real-time database system. The value of a transaction represents the profit the transaction contributes to the system if it is completed before its deadline. Using VPA-k policy, the transactions with higher values are given higher priorities to execute first, while at most k percentage of the total processors are allocated to the urgent transactions dynamically. Through simulation experiments, VPA-k policy is shown to outperform other scheduling policies substantially in both maximizing the totally obtained values and minimizing the number of missed transactions.